Layer 2 Switch Security

Oct 14, 2015

Transcript
  • Layer 2 Switch Security
    The material within was originally presented at Cisco Networkers Live, session CS 6823
    Keith [email protected]

  • Why Worry About Layer 2 Security?
    The OSI model was built to let different layers work without knowledge of each other

  • Lower Levels Affect Higher Levels
    This means that if one layer is compromised, communications are compromised without the other layers being aware
    Security is only as strong as the weakest link
    Layer 2 can be VERY weak

  • MAC Attacks

  • MAC Address CAM Table
    CAM stands for Content Addressable Memory
    The CAM table stores the MAC addresses learned on each physical port together with their VLAN
    Every CAM table has a fixed size

  • Normal CAM Behavior 1/3 to 3/3 (diagram)
    MAC A sends a frame to MAC B; B is not in the table yet, so the frame is flooded to every port in the VLAN, including the port of MAC C
    B answers "I am MAC B" and the switch learns MAC B on port 2
    From then on, traffic to B is sent only to port 2; MAC C does not see traffic to B

  • CAM Overflow Tools
    macof: about 100 lines of Perl, included in dsniff
    The attack succeeds by exploiting the fixed size of the CAM table
    Yersinia: Swiss-army knife for Layer 2 attacks

  • CAM Overflow (diagram)

  • MAC Flooding Switches with macof
    macof sends frames with random source MAC and IP addresses
    Much more aggressive if you run the command: macof -i eth1 2>/dev/null
    macof (part of dsniff): http://monkey.org/~dugsong/dsniff/

    macof -i eth1
    36:a1:48:63:81:70 15:26:8d:4d:28:f8 0.0.0.0.26413 > 0.0.0.0.49492: S 1094191437:1094191437(0) win 512
    16:e8:8:0:4d:9c da:4d:bc:7c:ef:be 0.0.0.0.61376 > 0.0.0.0.47523: S 446486755:446486755(0) win 512
    18:2a:de:56:38:71 33:af:9b:5:a6:97 0.0.0.0.20086 > 0.0.0.0.6728: S 105051945:105051945(0) win 512
    e7:5c:97:42:ec:1 83:73:1a:32:20:93 0.0.0.0.45282 > 0.0.0.0.24898: S 1838062028:1838062028(0) win 512
    62:69:d3:1c:79:ef 80:13:35:4:cb:d0 0.0.0.0.11587 > 0.0.0.0.7723: S 1792413296:1792413296(0) win 512
    c5:a:b7:3e:3c:7a 3a:ee:c0:23:4a:fe 0.0.0.0.19784 > 0.0.0.0.57433: S 1018924173:1018924173(0) win 512
    88:43:ee:51:c7:68 b4:8d:ec:3e:14:bb 0.0.0.0.283 > 0.0.0.0.11466: S 727776406:727776406(0) win 512
    b8:7a:7a:2d:2c:ae c2:fa:2d:7d:e7:bf 0.0.0.0.32650 > 0.0.0.0.11324: S 605528173:605528173(0) win 512
    e0:d8:1e:74:1:e 57:98:b6:5a:fa:de 0.0.0.0.36346 > 0.0.0.0.55700: S 2128143986:2128143986(0) win 512

  • CAM Table FULL
    Once the CAM table on the switch is full, traffic without a CAM entry is flooded out every port on that VLAN
    This turns a VLAN on a switch into a hub
    The attack also fills the CAM tables of adjacent switches

    Sniffer output on the attacker's port; the unicast ICMP exchange between 10.1.1.26 and 10.1.1.25 should never have been visible there:
    10.1.1.22 -> (broadcast) ARP C Who is 10.1.1.1, 10.1.1.1 ?
    10.1.1.22 -> (broadcast) ARP C Who is 10.1.1.19, 10.1.1.19 ?
    10.1.1.26 -> 10.1.1.25 ICMP Echo request (ID: 256 Sequence number: 7424) OOPS
    10.1.1.25 -> 10.1.1.26 ICMP Echo reply (ID: 256 Sequence number: 7424) OOPS

  • Countermeasures for MAC Attacks
    Solution: port security limits the MAC flooding attack, locks down the port and sends an SNMP trap
    Port security limits the number of MACs on an interface
    (diagram: 132,000 bogus MACs from one host; only one MAC address is allowed on the port, so the port is shut down; the legitimate hosts 00:0e:00:aa:aa:aa and 00:0e:00:bb:bb:bb are unaffected)

  • Countermeasure for MAC Attacks with IP Phones
    Could allow two or three MAC addresses on the port (violation: shutdown)
    Phones can use two or three MAC addresses depending on the switch hardware and software
    The default violation action is to disable the port; you might want "restrict" for VoIP
    This feature protects the switch: the number can be anything you like as long as you do not overrun the CAM table

  • Port Security: Example
    Cisco Catalyst OS
    set port security 5/1 enable
    set port security 5/1 port max 3
    set port security 5/1 violation restrict
    set port security 5/1 age 2
    set port security 5/1 timer-type inactivity

    Cisco IOS
    switchport port-security
    switchport port-security maximum 3
    switchport port-security violation restrict
    switchport port-security aging time 2
    switchport port-security aging type inactivity

    The number is not there to control access, it is there to protect the switch from attack
    Depending on security policy, disabling the port might be preferred, even with VoIP
    An aging time of two minutes with aging type inactivity allows for the phone's CDP interval of one minute

  • Port Security
    In the past you had to type in the only MAC you were going to allow on that port
    You can now put a limit on how many MAC addresses a port will learn
    You can also set timers stating how long a MAC address stays bound to that switch port
    You may still want static MAC entries on ports where devices should never move, such as in server farms
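The following is an added example and is not code from the slides: a toy model of a fixed-size CAM table under a macof-style flood, and of the port-security limit that stops it. The host MACs, port numbers and table size (64 entries) are constructed; real tables hold tens of thousands of entries, which is why macof needs the 132,000 bogus addresses the slide mentions. The point it shows is the timing the slide glosses over: the legitimate host is only cut off once its own entry ages out and the attacker grabs the freed slot.

```python
import random

FLOOD = "flood"   # lookup result when the destination MAC is unknown


class CamTable:
    """Fixed-size (VLAN, MAC) -> port table, as in switch hardware."""

    def __init__(self, size):
        self.size = size
        self.entries = {}

    def learn(self, vlan, src_mac, port):
        key = (vlan, src_mac)
        if key in self.entries or len(self.entries) < self.size:
            self.entries[key] = port
        # A full table silently refuses new addresses: they stay "unknown".

    def age_out(self, vlan, mac):
        self.entries.pop((vlan, mac), None)

    def lookup(self, vlan, dst_mac):
        """Known destination -> its port; unknown -> flooded to every port in the VLAN."""
        return self.entries.get((vlan, dst_mac), FLOOD)


class PortSecurity:
    """Per-port limit on learned source MACs. 'restrict' drops the offending frame
    and counts a violation; 'shutdown' (the Cisco default) err-disables the port."""

    def __init__(self, maximum=1, violation="shutdown"):
        self.maximum = maximum
        self.violation = violation
        self.secure = {}        # port -> set of MACs bound to it
        self.disabled = set()
        self.violations = 0

    def allow(self, port, src_mac):
        if port in self.disabled:
            return False
        macs = self.secure.setdefault(port, set())
        if src_mac in macs or len(macs) < self.maximum:
            macs.add(src_mac)
            return True
        self.violations += 1
        if self.violation == "shutdown":
            self.disabled.add(port)
        return False


def random_mac(rng):
    return ":".join(f"{rng.randrange(256):02x}" for _ in range(6))


HOST_A, HOST_B = "00:0e:00:aa:aa:aa", "00:0e:00:bb:bb:bb"   # constructed hosts on ports 1 and 2


def run_flood(cam_size=64, bogus=500, port_security=None):
    """Attacker on port 3 floods frames with random source MACs (what macof does).
    Returns where the switch now sends traffic for host B: port 2, or FLOOD."""
    rng = random.Random(1)          # seeded so the run is reproducible
    cam = CamTable(cam_size)
    cam.learn(10, HOST_A, 1)
    cam.learn(10, HOST_B, 2)

    def attacker_burst(n):
        for _ in range(n):
            m = random_mac(rng)
            if port_security is None or port_security.allow(3, m):
                cam.learn(10, m, 3)

    attacker_burst(bogus)           # table fills up with bogus entries
    cam.age_out(10, HOST_B)         # B goes quiet and its entry ages out...
    attacker_burst(bogus)           # ...the attacker immediately takes the free slot
    cam.learn(10, HOST_B, 2)        # B talks again but cannot be re-learned
    return cam.lookup(10, HOST_B)
```

Without port security `run_flood()` returns FLOOD (the VLAN is now a hub); with `PortSecurity(1, "restrict")` or the default shutdown mode the attacker binds one MAC, every further address is a violation, and B is learned on port 2 as normal.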

  • Building the Layers
    Port security prevents CAM attacks

  • VLAN Hopping Attacks

  • Basic Trunk Port Defined
    (diagram: two switches, each with VLAN 10 and VLAN 20, joined by a trunk carrying VLAN 10, VLAN 20 and the native VLAN)
    Trunk ports have access to all VLANs by default
    Used to carry traffic for multiple VLANs across the same physical link (generally between switches, or to IP phones)
    Encapsulation can be 802.1Q or ISL

  • Basic VLAN Hopping Attack
    An end station can spoof a switch and negotiate an ISL or 802.1Q trunk
    The station is then a member of all VLANs
    Works only when the user-facing port is still allowed to negotiate trunking; the native VLAN of the resulting trunk is VLAN 1 by default
    (diagram: the attacker's port becomes a trunk carrying VLAN 10, VLAN 20 and the native VLAN)

  • Double 802.1Q Encapsulation VLAN Hopping Attack
    Send 802.1Q double-encapsulated frames: the outer tag is the trunk's native VLAN, the inner tag is the victim VLAN
    The first switch performs only one level of decapsulation: it strips the outer tag and, because that VLAN is native on the trunk, sends the frame out untagged; the second switch sees the inner tag and delivers the frame into the victim VLAN
    Unidirectional traffic only: the victim's replies do not come back to the attacker
    Works even if trunking is turned off on the attacker's port; it only needs the attacker's access VLAN to be the native VLAN of the trunk

  • Security Best Practices for VLANs and Trunking
    Always use a dedicated VLAN ID as the native VLAN on all trunk ports
    Be paranoid: do not use VLAN 1 for anything
    Disable auto-trunking on user-facing ports (DTP off: switchport mode access and switchport nonegotiate)
    Explicitly configure trunking on infrastructure ports
    Tag the native VLAN on trunks (IOS: vlan dot1q tag native), so an untagged frame is never accepted as native VLAN traffic
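An added example, not from the slides, that makes the double-tagging conditions and the two mitigations above checkable. It builds a real double-tagged Ethernet frame and models the tag handling of an access port and of a trunk between two switches. The model is simplified and its assumptions are labelled in the comments: an access port accepts a frame tagged with its own VLAN and strips that tag (Catalyst behaviour), the native VLAN leaves a trunk untagged unless tagging is configured, and MAC addresses, VLAN IDs and the payload are constructed.

```python
import struct

ETH_8021Q = 0x8100
ETH_IPV4 = 0x0800


def _mac(s):
    return bytes(int(b, 16) for b in s.split(":"))


def build_frame(dst, src, vlans, payload, ethertype=ETH_IPV4):
    """Ethernet frame with zero or more 802.1Q tags, outermost first (PCP/DEI = 0)."""
    hdr = _mac(dst) + _mac(src)
    for vid in vlans:
        hdr += struct.pack("!HH", ETH_8021Q, vid & 0x0FFF)
    return hdr + struct.pack("!H", ethertype) + payload


def pop_tag(frame):
    """Return (outermost VLAN ID or None, frame with that one tag removed)."""
    if struct.unpack_from("!H", frame, 12)[0] != ETH_8021Q:
        return None, frame
    vid = struct.unpack_from("!H", frame, 14)[0] & 0x0FFF
    return vid, frame[:12] + frame[16:]


def access_ingress(frame, access_vlan):
    """Access port (model assumption): untagged -> access VLAN; a tag equal to the
    access VLAN is accepted and stripped; any other tag is dropped."""
    vid, inner = pop_tag(frame)
    if vid is None:
        return access_vlan, frame
    return (access_vlan, inner) if vid == access_vlan else (None, None)


def trunk_egress(vlan, frame, native_vlan, tag_native=False):
    """Trunk egress: tag everything except the native VLAN, which leaves
    untagged unless the trunk is configured to tag it (vlan dot1q tag native)."""
    if vlan == native_vlan and not tag_native:
        return frame
    return frame[:12] + struct.pack("!HH", ETH_8021Q, vlan) + frame[12:]


def trunk_ingress(frame, native_vlan, tag_native=False):
    """Trunk ingress: tagged -> that VLAN; untagged -> native VLAN, or dropped
    when the native VLAN is expected to arrive tagged."""
    vid, inner = pop_tag(frame)
    if vid is None:
        return (None, None) if tag_native else (native_vlan, frame)
    return vid, inner


def double_tag_attack(attacker_vlan, native_vlan, target_vlan, tag_native=False):
    """Attacker on an access port in attacker_vlan sends a frame tagged
    [attacker_vlan][target_vlan]. Returns the VLAN the second switch delivers it
    into (None if dropped)."""
    frame = build_frame("ff:ff:ff:ff:ff:ff", "00:0e:00:cc:cc:cc",
                        [attacker_vlan, target_vlan], b"constructed payload")
    vlan, stripped = access_ingress(frame, attacker_vlan)     # switch 1 removes the outer tag
    if vlan is None:
        return None
    on_wire = trunk_egress(vlan, stripped, native_vlan, tag_native)
    delivered_vlan, _ = trunk_ingress(on_wire, native_vlan, tag_native)   # switch 2
    return delivered_vlan
```

With the attacker in VLAN 1 and VLAN 1 native on the trunk, `double_tag_attack(1, 1, 20)` lands in VLAN 20. Moving the native VLAN to a dedicated ID (`double_tag_attack(1, 999, 20)`) or tagging the native VLAN (`tag_native=True`) keeps the outer tag on the wire, so the second switch delivers the frame into VLAN 1 and the inner tag never takes effect.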

  • DHCP Attacks

  • DHCP Function: High Level
    The server dynamically assigns an IP address on demand
    The administrator creates pools of addresses available for assignment
    An address is assigned with a lease time
    DHCP delivers other configuration information in options

  • DHCP Function: Lower Level
    DHCP is defined by RFC 2131 (diagram: client and server exchange)

  • DHCP Function: Lower Level
    DHCP request/reply types:
    DHCPDISCOVER: client broadcast to locate available servers
    DHCPOFFER: server to client in response to DHCPDISCOVER, with an offer of configuration parameters
    DHCPREQUEST: client message to servers, either (a) requesting offered parameters from one server and implicitly declining offers from all others, (b) confirming correctness of a previously allocated address after, e.g., a system reboot, or (c) extending the lease on a particular network address
    DHCPACK: server to client with configuration parameters, including the committed network address
    DHCPNAK: server to client indicating that the client's notion of its network address is incorrect (e.g., the client has moved to a new subnet) or that its lease has expired
    DHCPDECLINE: client to server indicating that the network address is already in use
    DHCPRELEASE: client to server relinquishing the network address and cancelling the remaining lease
    DHCPINFORM: client to server asking only for local configuration parameters; the client already has an externally configured network address

  • DHCP Function: Lower Level (IPv4 DHCP packet format)
    OP code | Hardware type | Hardware length | HOPS
    Transaction ID (XID)
    Seconds | Flags
    Client IP address (CIADDR)
    Your IP address (YIADDR)
    Server IP address (SIADDR)
    Gateway IP address (GIADDR)
    Client hardware address (CHADDR), 16 bytes
    Server name (SNAME), 64 bytes
    Filename, 128 bytes
    DHCP options

  • DHCP Attack Types: DHCP Starvation Attack
    Gobbler/DHCPx looks at the entire DHCP scope and tries to lease every address available in it
    This is a denial-of-service (DoS) attack using DHCP leases
    (diagram: Gobbler sits between the client and the DHCP server)

  • Countermeasures for DHCP Attacks
    DHCP starvation attack = port security
    Gobbler uses a new MAC address for each DHCP lease it requests
    Restrict the number of MAC addresses on a port: the attacker cannot lease more IP addresses than MAC addresses allowed on the port
    In the example the attacker gets exactly one IP address from the DHCP server

    Cisco Catalyst OS
    set port security 5/1 enable
    set port security 5/1 port max 1
    set port security 5/1 violation restrict
    set port security 5/1 age 2
    set port security 5/1 timer-type inactivity

    Cisco IOS
    switchport port-security
    switchport port-security maximum 1
    switchport port-security violation restrict
    switchport port-security aging time 2
    switchport port-security aging type inactivity

  • DHCP Attack Types: Rogue DHCP Server Attack
    (diagram: a rogue or unapproved server answers the client alongside the real DHCP server)

  • DHCP Attack Types: Rogue DHCP Server Attack
    What can the attacker do if he is the DHCP server? What is the potential problem with incorrect information?
    Wrong default gateway: the attacker is the gateway
    Wrong DNS server: the attacker is the DNS server
    Wrong IP address: the attacker does a DoS with an incorrect IP

  • Countermeasures for DHCP Attacks
    Rogue DHCP server = DHCP snooping
    By default all ports in the VLAN are untrusted; only the port towards the DHCP server or the uplink is trusted
    Server responses (offer, ack, nak) arriving on an untrusted port are dropped as BAD; from a trusted port they are forwarded as OK

    Cisco IOS global commands
    ip dhcp snooping vlan 4,104
    no ip dhcp snooping information option
    ip dhcp snooping

    Untrusted client interface commands
    no ip dhcp snooping trust (default)
    ip dhcp snooping limit rate 10 (pps)

    Trusted server or uplink interface command
    ip dhcp snooping trust

  • Countermeasures for DHCP Attacks
    Rogue DHCP server = DHCP snooping
    The binding table is built by snooping the DHCP reply to the client
    Entries stay in the table until the DHCP lease time expires

    sh ip dhcp snooping binding
    MacAddress          IpAddress        Lease(sec)  Type           VLAN  Interface
    ------------------  ---------------  ----------  -------------  ----  --------------------
    00:03:47:B5:9F:AD   10.120.4.10      193185      dhcp-snooping  4     FastEthernet3/18

  • Advanced Configuration: DHCP Snooping
    Gobbler uses a unique MAC for each DHCP request, and port security stops it
    What if the attack used the same interface MAC address but changed the client hardware address (CHADDR) in the request? Port security would not catch that
    With MAC address verification, the switch checks the CHADDR field of requests received on untrusted ports against the source MAC address of the frame (IOS: ip dhcp snooping verify mac-address)
    If they do not match, the request is dropped at the interface
    Note: some switches have this on by default and others do not; please check the documentation for the settings

  • DHCP Rogue Server
    If there are switches in the network that do not support DHCP snooping, you can configure VLAN ACLs to block DHCP server responses (UDP destination port 68) except from the approved DHCP server and relay router
    set security acl ip ROGUE-DHCP permit udp host 10.1.1.99 any eq 68
    set security acl ip ROGUE-DHCP permit udp host 192.0.2.1 any eq 68
    set security acl ip ROGUE-DHCP deny udp any any eq 68
    set security acl ip ROGUE-DHCP permit ip any any
    DHCP server 10.1.1.99, router 192.0.2.1 (the permit entries must come before the final permit ip any any, or they are never reached)
    This will not prevent the CHADDR DHCP starvation attack

  • Summary of DHCP Attacks
    DHCP starvation attacks can be mitigated by port security
    Rogue DHCP servers can be mitigated by DHCP snooping
    When configured with DHCP snooping, all ports in the VLAN are untrusted for DHCP replies
    Check the default settings to see if the CHADDR field is being checked during the DHCP request
    Unsupported switches can run ACLs for partial attack mitigation (they cannot check the CHADDR field)
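To make the DHCP snooping rules above concrete, here is an added example (not the slides' code and not a Cisco implementation) of a minimal snooping engine in Python. It builds and parses RFC 2131 packets with `struct`, drops OFFER/ACK/NAK arriving on untrusted ports, verifies CHADDR against the frame's source MAC on untrusted ports (the `ip dhcp snooping verify mac-address` check), applies a per-port rate limit, and fills a binding table from ACKs seen on the trusted port. The interface names, MAC addresses, transaction IDs and lease values are constructed; the client MAC and lease mirror the slide's `show ip dhcp snooping binding` output.

```python
import struct

DISCOVER, OFFER, REQUEST, ACK, NAK = 1, 2, 3, 5, 6
SERVER_MESSAGES = {OFFER, ACK, NAK}
MAGIC_COOKIE = b"\x63\x82\x53\x63"


def _mac(s): return bytes(int(b, 16) for b in s.split(":"))
def _ip(s): return bytes(int(o) for o in s.split("."))


def build_dhcp(op, xid, chaddr, msg_type, yiaddr="0.0.0.0", lease=None):
    """RFC 2131 fixed header (236 bytes) + cookie + option 53 (+ 51) + end marker."""
    opts = bytes([53, 1, msg_type])
    if lease is not None:
        opts += bytes([51, 4]) + struct.pack("!I", lease)
    hdr = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", op, 1, 6, 0, xid, 0, 0,
                      b"\0" * 4, _ip(yiaddr), b"\0" * 4, b"\0" * 4,
                      _mac(chaddr).ljust(16, b"\0"), b"\0" * 64, b"\0" * 128)
    return hdr + MAGIC_COOKIE + opts + b"\xff"


def parse_dhcp(pkt):
    f = struct.unpack_from("!BBBBIHH4s4s4s4s16s", pkt, 0)
    opts, i = {}, 240                       # options start after header + cookie
    while i < len(pkt) and pkt[i] != 0xFF:
        if pkt[i] == 0:                     # pad option
            i += 1
            continue
        code, length = pkt[i], pkt[i + 1]
        opts[code] = pkt[i + 2:i + 2 + length]
        i += 2 + length
    return {
        "op": f[0], "xid": f[4],
        "chaddr": ":".join(f"{b:02x}" for b in f[11][:f[2]]),   # hlen bytes of CHADDR
        "yiaddr": ".".join(str(b) for b in f[8]),
        "type": opts[53][0],
        "lease": struct.unpack("!I", opts[51])[0] if 51 in opts else None,
    }


class DhcpSnooping:
    def __init__(self, trusted_ports, rate_limit=10):
        self.trusted = set(trusted_ports)   # ip dhcp snooping trust
        self.rate_limit = rate_limit        # ip dhcp snooping limit rate <pps>
        self.counters = {}                  # (port, second) -> client packets seen
        self.pending = {}                   # xid -> (port, vlan) of the client request
        self.bindings = {}                  # (vlan, mac) -> (ip, lease, port)
        self.drops = []

    def inspect(self, port, vlan, src_mac, pkt, now=0):
        """Return True if the packet is forwarded, False if dropped."""
        d = parse_dhcp(pkt)
        if port in self.trusted:
            if d["type"] == ACK and d["xid"] in self.pending:
                client_port, client_vlan = self.pending.pop(d["xid"])
                self.bindings[(client_vlan, d["chaddr"])] = (d["yiaddr"], d["lease"], client_port)
            return True
        if d["type"] in SERVER_MESSAGES:
            self.drops.append((port, "server message on untrusted port"))
            return False
        if d["chaddr"] != src_mac:          # ip dhcp snooping verify mac-address
            self.drops.append((port, "CHADDR does not match frame source MAC"))
            return False
        key = (port, int(now))
        self.counters[key] = self.counters.get(key, 0) + 1
        if self.counters[key] > self.rate_limit:
            self.drops.append((port, "rate limit exceeded"))
            return False
        self.pending[d["xid"]] = (port, vlan)
        return True


CLIENT = "00:03:47:b5:9f:ad"                # the client from the slide's binding table


def demo():
    snoop = DhcpSnooping(trusted_ports=["Gi1/1"])
    request = build_dhcp(1, 0x1234, CLIENT, REQUEST)
    ack = build_dhcp(2, 0x1234, CLIENT, ACK, "10.120.4.10", 193185)
    forged = build_dhcp(1, 0x9999, "00:0e:00:ee:ee:ee", DISCOVER)   # CHADDR != sender MAC
    return {
        "client_request": snoop.inspect("Fa3/18", 4, CLIENT, request),
        "rogue_ack": snoop.inspect("Fa3/19", 4, "00:0e:00:cc:cc:cc", ack),
        "real_ack": snoop.inspect("Gi1/1", 4, "00:0e:00:dd:dd:dd", ack),
        "forged_chaddr": snoop.inspect("Fa3/19", 4, "00:0e:00:cc:cc:cc", forged),
        "bindings": snoop.bindings,
    }
```

`demo()` forwards the client's REQUEST and the ACK from the trusted uplink, drops the identical ACK when a rogue host on Fa3/19 sends it, drops the DISCOVER whose CHADDR is not the sending MAC (the case the slide says port security misses), and ends with one binding for the client on Fa3/18.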

  • Building the Layers
    Port security prevents CAM attacks and DHCP starvation attacks
    DHCP snooping prevents rogue DHCP server attacks

  • ARP Attacks

  • ARP Function Review
    Before a station can talk to another station it must send an ARP request to map the IP address to a MAC address
    The ARP request is broadcast with EtherType 0x0806
    All computers on the subnet receive and process the ARP request; the station that owns the IP address in the request sends an ARP reply
    (diagram: "Who is 10.1.1.4?" is broadcast; "I am 10.1.1.4", MAC A, comes back as the reply)

  • ARP Function Review
    According to the ARP RFC (RFC 826), a host may send an unsolicited ARP reply; this is called a gratuitous ARP, and other hosts on the same subnet can store this information in their ARP tables
    Anyone can therefore claim to be the owner of any IP/MAC pair they like
    ARP attacks use this to redirect traffic
    (diagram: MAC A announces "I am 10.1.1.1" and every host on the subnet updates its table to "10.1.1.1 is MAC A")

  • ARP Attack Tools
    Many tools on the net for ARP man-in-the-middle attacks: dsniff, Cain & Abel, ettercap, Yersinia, etc.
    ettercap: http://ettercap.sourceforge.net/index.php
    Some are second or third generation ARP attack tools
    Most have a very nice GUI and are almost point and click
    Packet insertion, many-to-many ARP attacks
    All of them capture the traffic/passwords of applications: FTP, Telnet, SMTP, HTTP, POP, NNTP, IMAP, SNMP, LDAP, RIP, OSPF, PPTP, MS-CHAP, SOCKS, X11, IRC, ICQ, AIM, SMB, Microsoft SQL, etc.

  • ARP Attack Tools
    ettercap in action (screenshot): as you can see it runs on Windows, Linux and Mac, and decodes passwords on the fly
    In this example a Telnet username/password is captured

  • ARP Attack Tools: SSH/SSL
    Using these tools, SSL/SSH sessions can be intercepted and bogus certificate credentials presented
    Once the user has accepted the certificate, all SSL/SSH traffic for all SSL/SSH sites can flow through the attacker

  • ARP Attack in Action
    The attacker poisons the ARP tables
    (diagram: 10.1.1.1 is MAC A, 10.1.1.2 is MAC B, the attacker 10.1.1.3 is MAC C)
    ARP to 10.1.1.1 saying 10.1.1.2 is MAC C; ARP to 10.1.1.2 saying 10.1.1.1 is MAC C
    Host 10.1.1.1 now believes 10.1.1.2 is MAC C, and host 10.1.1.2 now believes 10.1.1.1 is MAC C

  • ARP Attack in Action
    All traffic between 10.1.1.1 and 10.1.1.2 now flows through the attacker: both hosts transmit to and receive from MAC C, which relays in both directions

  • ARP Attack Clean Up
    The attacker corrects the ARP table entries and traffic flows return to normal
    ARP to 10.1.1.1 saying 10.1.1.2 is MAC B; ARP to 10.1.1.2 saying 10.1.1.1 is MAC A

  • Countermeasures to ARP Attacks: Dynamic ARP Inspection
    Uses the DHCP snooping binding table information
    All ARP packets must match the IP/MAC entries in the binding table
    If they do not match, the ARP packet goes in the bit bucket
    (diagram: with DHCP snooping and DAI enabled, the attacker's "10.1.1.2 is MAC C" and "10.1.1.1 is MAC C" ARPs are dropped by the switch)

  • Countermeasures to ARP Attacks: Dynamic ARP Inspection
    DHCP snooping has to be configured so the binding table is built
    DAI is configured per VLAN
    You can trust an interface, just like DHCP snooping

  • Countermeasures to ARP Attacks: Dynamic ARP Inspection
    Uses the information from the DHCP snooping binding table
    Looks at the MAC address and IP address fields to see if the ARP from the interface is in the binding table; if not, the traffic is blocked

    sh ip dhcp snooping binding
    MacAddress          IpAddress        Lease(sec)  Type           VLAN  Interface
    ------------------  ---------------  ----------  -------------  ----  --------------------
    00:03:47:B5:9F:AD   10.120.4.10      193185      dhcp-snooping  4     FastEthernet3/18

  • Countermeasures to ARP Attacks: Dynamic ARP Inspection Example
    Cisco IOS global commands
    ip dhcp snooping vlan 4,104
    no ip dhcp snooping information option
    ip dhcp snooping
    ip arp inspection vlan 4,104
    ip arp inspection log-buffer entries 1024
    ip arp inspection log-buffer logs 1024 interval 10

    Trusted interface commands
    ip dhcp snooping trust
    ip arp inspection trust

    Untrusted interface commands
    no ip arp inspection trust (default)
    ip arp inspection limit rate 15 (pps)

  • Non-DHCP Devices
    Can use static bindings in the DHCP snooping binding table
    Static and dynamic entries in the DHCP snooping binding table are shown with different commands

    Cisco IOS global command
    ip source binding 0000.0000.0001 vlan 4 10.0.10.200 interface fastethernet 3/1

    Cisco IOS show command
    show ip source binding

  • Building the Layers
    Port security prevents CAM attacks and DHCP starvation attacks
    DHCP snooping prevents rogue DHCP server attacks
    Dynamic ARP inspection prevents current ARP attacks
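The poisoning sequence from the "ARP Attack in Action" slides and the DAI check that stops it, as an added example in Python (not the slides' code, not a Cisco implementation). It builds the two gratuitous ARP replies the attacker sends, shows a host cache being overwritten exactly as RFC 826 allows, and then runs the same frames through a DAI model keyed on the DHCP snooping binding table. The binding table, interface names and MACs are constructed; the IP addresses follow the slide's diagram.

```python
import struct

ETH_ARP = 0x0806
ARP_REQUEST, ARP_REPLY = 1, 2
MAC_A, MAC_B, MAC_C = "00:0e:00:aa:aa:aa", "00:0e:00:bb:bb:bb", "00:0e:00:cc:cc:cc"


def _mac(s): return bytes(int(b, 16) for b in s.split(":"))
def _ip(s): return bytes(int(o) for o in s.split("."))
def _fmt_mac(b): return ":".join(f"{x:02x}" for x in b)
def _fmt_ip(b): return ".".join(str(x) for x in b)


def build_arp(eth_src, eth_dst, opcode, sender_mac, sender_ip, target_mac, target_ip):
    """Ethernet II frame carrying an ARP packet (RFC 826 layout for Ethernet/IPv4)."""
    eth = _mac(eth_dst) + _mac(eth_src) + struct.pack("!H", ETH_ARP)
    arp = (struct.pack("!HHBBH", 1, 0x0800, 6, 4, opcode)
           + _mac(sender_mac) + _ip(sender_ip) + _mac(target_mac) + _ip(target_ip))
    return eth + arp


def parse_arp(frame):
    if struct.unpack_from("!H", frame, 12)[0] != ETH_ARP:
        return None
    return {"eth_src": _fmt_mac(frame[6:12]),
            "opcode": struct.unpack_from("!H", frame, 20)[0],
            "sender_mac": _fmt_mac(frame[22:28]), "sender_ip": _fmt_ip(frame[28:32]),
            "target_mac": _fmt_mac(frame[32:38]), "target_ip": _fmt_ip(frame[38:42])}


def host_update_cache(cache, frame):
    """What a host does: merge the sender mapping of any ARP it receives (RFC 826),
    which is exactly why an unsolicited reply can overwrite a correct entry."""
    a = parse_arp(frame)
    cache[a["sender_ip"]] = a["sender_mac"]


class DynamicArpInspection:
    def __init__(self, bindings, trusted_ports=(), rate_limit=15):
        self.bindings = bindings            # (vlan, port) -> {(mac, ip), ...} from DHCP snooping
        self.trusted = set(trusted_ports)   # ip arp inspection trust
        self.rate_limit = rate_limit        # ip arp inspection limit rate <pps>
        self.counters = {}
        self.drops = []

    def inspect(self, port, vlan, frame, now=0):
        if port in self.trusted:
            return True
        key = (port, int(now))
        self.counters[key] = self.counters.get(key, 0) + 1
        if self.counters[key] > self.rate_limit:
            self.drops.append((port, "rate limit exceeded"))
            return False
        a = parse_arp(frame)
        if (a["sender_mac"], a["sender_ip"]) not in self.bindings.get((vlan, port), set()):
            self.drops.append((port, f"{a['sender_ip']} is not {a['sender_mac']} on this port"))
            return False
        if a["eth_src"] != a["sender_mac"]:   # ip arp inspection validate src-mac
            self.drops.append((port, "Ethernet source differs from ARP sender MAC"))
            return False
        return True


def demo():
    bindings = {(4, "Fa3/18"): {(MAC_A, "10.1.1.1")},
                (4, "Fa3/19"): {(MAC_B, "10.1.1.2")},
                (4, "Fa3/20"): {(MAC_C, "10.1.1.3")}}
    # Attacker (MAC C) tells A that 10.1.1.2 is MAC C, and B that 10.1.1.1 is MAC C.
    poison_a = build_arp(MAC_C, MAC_A, ARP_REPLY, MAC_C, "10.1.1.2", MAC_A, "10.1.1.1")
    poison_b = build_arp(MAC_C, MAC_B, ARP_REPLY, MAC_C, "10.1.1.1", MAC_B, "10.1.1.2")
    honest = build_arp(MAC_C, MAC_A, ARP_REPLY, MAC_C, "10.1.1.3", MAC_A, "10.1.1.1")

    cache_a, cache_b = {"10.1.1.2": MAC_B}, {"10.1.1.1": MAC_A}
    host_update_cache(cache_a, poison_a)
    host_update_cache(cache_b, poison_b)    # no DAI: both victims now send via MAC C

    dai = DynamicArpInspection(bindings)
    protected_a = {"10.1.1.2": MAC_B}
    passed = [dai.inspect("Fa3/20", 4, f) for f in (poison_a, poison_b, honest)]
    if passed[0]:
        host_update_cache(protected_a, poison_a)
    if passed[2]:
        host_update_cache(protected_a, honest)
    return {"poisoned": (cache_a["10.1.1.2"], cache_b["10.1.1.1"]),
            "dai_passed": passed, "dai_drops": len(dai.drops), "protected_a": protected_a}
```

Without DAI both victims end up with MAC C for each other's address; with DAI on the attacker's port the two poisoning replies are dropped because the (sender MAC, sender IP) pair is not bound to that port, while the attacker's truthful ARP for its own address still passes.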

  • Spoofing Attacks

  • Spoofing Attacks
    MAC spoofing: if MACs are used for network access control, an attacker can gain access to the network; it can also be used to take over the identity of someone already on the network
    IP spoofing: ping of death, ICMP unreachable storm, SYN flood; trusted IP addresses can be spoofed

  • Spoofing Attack: MAC
    The attacker sends packets with an incorrect source MAC address
    If network control is by MAC address, the attacker now looks like 10.1.1.2
    (diagram: 10.1.1.3 / MAC C sends traffic with MAC B as source; the received traffic shows source 10.1.1.3, MAC B)

  • Spoofing Attack: IP
    The attacker sends packets with an incorrect source IP address
    Whatever device the packet is sent to will never reply to the attacker; replies go to the real owner of the address
    (diagram: MAC C sends traffic with IP 10.1.1.2 as source; the received traffic shows source IP 10.1.1.2, MAC C)

  • Spoofing Attack: IP/MAC
    The attacker sends packets with both an incorrect source IP and an incorrect source MAC address
    The attacker now looks exactly like a device that is already on the network
    (diagram: traffic sent with IP 10.1.1.2 and MAC B as source; the received traffic shows source IP 10.1.1.2, MAC B)

  • Countermeasures to Spoofing Attacks: IP Source Guard
    Uses the DHCP snooping binding table information
    Operates just like dynamic ARP inspection, but looks at every packet, not just ARP packets
    Non-matching traffic is dropped
    (diagram: with DHCP snooping, DAI and IP Source Guard enabled, the switch drops traffic from 10.1.1.3 / MAC C that claims source IP 10.1.1.2 or source MAC B)

  • Countermeasures to Spoofing Attacks: IP Source Guard
    Uses the information from the DHCP snooping binding table
    Looks at the MacAddress and IpAddress fields to see if the traffic from the interface is in the binding table; if not, the traffic is blocked

    sh ip dhcp snooping binding
    MacAddress          IpAddress        Lease(sec)  Type           VLAN  Interface
    ------------------  ---------------  ----------  -------------  ----  --------------------
    00:03:47:B5:9F:AD   10.120.4.10      193185      dhcp-snooping  4     FastEthernet3/18

  • Countermeasures to Spoofing Attacks: IP Source Guard
    DHCP snooping has to be configured so the binding table is built
    IP Source Guard is configured per port
    IP Source Guard with MAC checking does not learn the MAC from the device connected to the switch; it learns it from the DHCP offer

  • Countermeasures to Spoofing Attacks: IP Source Guard Configuration
    Cisco IOS global commands
    ip dhcp snooping vlan 4,104
    no ip dhcp snooping information option
    ip dhcp snooping

    Interface command
    ip verify source vlan dhcp-snooping
    IP checking only (no option 82); this is what most enterprises will run
    Static IP addresses can be learned, but only used for IP Source Guard

  • Building the Layers
    Port security prevents CAM attacks and DHCP starvation attacks
    DHCP snooping prevents rogue DHCP server attacks
    Dynamic ARP inspection prevents current ARP attacks
    IP Source Guard prevents IP/MAC spoofing
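An added example (not from the slides) that runs the three spoofing cases from the "Spoofing Attack" slides through an IP Source Guard model fed by DHCP snooping bindings plus one static `ip source binding` for a non-DHCP server. It distinguishes the IP-only mode the slide says most enterprises run from the IP+MAC mode, which matters: IP-only IPSG does not see a pure source-MAC spoof at all (that case is left to port security). Interface names, MACs, the destination host and the server binding are constructed; the attacker and victim addresses follow the slides.

```python
import struct

ETH_IPV4 = 0x0800
MAC_A, MAC_B, MAC_C = "00:0e:00:aa:aa:aa", "00:0e:00:bb:bb:bb", "00:0e:00:cc:cc:cc"


def _mac(s): return bytes(int(b, 16) for b in s.split(":"))
def _ip(s): return bytes(int(o) for o in s.split("."))


def build_ipv4_frame(eth_src, eth_dst, src_ip, dst_ip, payload=b""):
    """Ethernet II + minimal IPv4 header (no options; checksum left at zero)."""
    total = 20 + len(payload)
    ip_hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total, 0, 0, 64, 1, 0, _ip(src_ip), _ip(dst_ip))
    return _mac(eth_dst) + _mac(eth_src) + struct.pack("!H", ETH_IPV4) + ip_hdr + payload


def frame_sources(frame):
    """(source MAC, source IP) as the switch sees them on ingress; None if not IPv4."""
    if struct.unpack_from("!H", frame, 12)[0] != ETH_IPV4:
        return None
    src_mac = ":".join(f"{x:02x}" for x in frame[6:12])
    src_ip = ".".join(str(x) for x in frame[26:30])      # IPv4 source at offset 12 of the IP header
    return src_mac, src_ip


class IpSourceGuard:
    def __init__(self, check_mac=False):
        self.check_mac = check_mac       # False: `ip verify source` (IP only); True: IP and MAC
        self.bindings = {}               # port -> {(mac, ip), ...}
        self.drops = []

    def add_dhcp_binding(self, port, mac, ip):        # learned by DHCP snooping
        self.bindings.setdefault(port, set()).add((mac, ip))

    def add_static_binding(self, port, mac, ip):      # ip source binding <mac> vlan <v> <ip> interface <port>
        self.bindings.setdefault(port, set()).add((mac, ip))

    def verify(self, port, frame):
        src = frame_sources(frame)
        if src is None:
            return True                  # non-IP traffic is not IPSG's job (ARP is DAI's)
        src_mac, src_ip = src
        allowed = self.bindings.get(port, set())
        ok = any(ip == src_ip and (not self.check_mac or mac == src_mac) for mac, ip in allowed)
        if not ok:
            self.drops.append((port, src_mac, src_ip))
        return ok


def demo(check_mac):
    """Attacker C on Fa3/20 (10.1.1.3 / MAC C) tries the three spoofs from the
    slides against B (10.1.1.2 / MAC B); a static server binding is also checked."""
    ipsg = IpSourceGuard(check_mac=check_mac)
    ipsg.add_dhcp_binding("Fa3/19", MAC_B, "10.1.1.2")
    ipsg.add_dhcp_binding("Fa3/20", MAC_C, "10.1.1.3")
    ipsg.add_static_binding("Gi1/1", "00:00:00:00:00:01", "10.0.10.200")  # non-DHCP server
    dst_mac, dst_ip = "00:0e:00:11:11:11", "10.1.1.1"                    # constructed destination
    cases = {
        "honest":     (MAC_C, "10.1.1.3"),
        "spoof_mac":  (MAC_B, "10.1.1.3"),   # wrong source MAC only
        "spoof_ip":   (MAC_C, "10.1.1.2"),   # wrong source IP only
        "spoof_both": (MAC_B, "10.1.1.2"),   # looks exactly like B
    }
    out = {name: ipsg.verify("Fa3/20", build_ipv4_frame(m, dst_mac, i, dst_ip))
           for name, (m, i) in cases.items()}
    server = "00:00:00:00:00:01"
    out["server_static"] = ipsg.verify("Gi1/1", build_ipv4_frame(server, dst_mac, "10.0.10.200", dst_ip))
    out["server_other_ip"] = ipsg.verify("Gi1/1", build_ipv4_frame(server, dst_mac, "10.0.10.201", dst_ip))
    return out
```

`demo(check_mac=False)` passes the honest frame and the MAC-only spoof and drops the two frames that claim 10.1.1.2; `demo(check_mac=True)` drops all three spoofs. The static binding lets the server's real address through and blocks any other address it might try to source from that port.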

  • Attacks on Other Protocols

  • Other Protocols?
    Yersinia can help you with: CDP, DHCP, 802.1Q, 802.1X, DTP, HSRP, STP, ISL, VTP

  • Spanning Tree Basics
    STP purpose: to maintain loop-free topologies in a redundant Layer 2 infrastructure
    STP is very simple; messages are sent using Bridge Protocol Data Units (BPDUs); basic messages include configuration and topology change notification/acknowledgment (TCN/TCA); most have no payload
    Avoiding loops ensures broadcast traffic does not become storms
    A tree-like, loop-free topology is established from the perspective of the root bridge
    One switch is elected as root; root selection is based on the lowest configured bridge priority (0 to 65535) of any switch, with the lowest MAC address breaking ties

  • Spanning Tree Attack Example
    (diagram: root bridge above two access switches, one redundant link blocked; the attacker is dual-homed to both access switches and becomes the new root)
    Send BPDU messages to become the root bridge
    The attacker then sees frames he should not
    MITM, DoS, etc. are all possible
    Any attack is very sensitive to the original topology, trunking, PVST, etc.
    Although STP takes link speed into consideration, it is always done from the perspective of the root bridge; taking a Gb backbone down to half-duplex 10 Mb was verified
    Requires the attacker to be dual-homed to two different switches (with a hub, it can be done with just one interface on the attacking host)

  • STP Attack Mitigation
    Try to design loop-free topologies wherever possible, so you do not need STP
    Do not disable STP: introducing a loop would become another attack
    BPDU guard
    Should be run on all user-facing ports; because it only acts on ports running portfast, enabling it globally is safe for infrastructure-facing ports that take part in STP normally
    Disables a port running portfast upon detection of a BPDU message on that port
    Globally enabled for all ports running portfast:
    CatOS> (enable) set spantree portfast bpdu-guard enable
    IOS(config)# spanning-tree portfast bpduguard default (per interface: spanning-tree bpduguard enable)

  • STP Attack Mitigation
    Root guard
    Blocks a port (root-inconsistent state) that would otherwise become the root port because of a superior BPDU it received; the real root is kept
    Configured on a per-port basis, on ports that should never lead towards the root
    CatOS> (enable) set spantree guard root 1/1
    IOS(config-if)# spanning-tree guard root
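An added example, not from the slides and not a real STP implementation, that models just enough of root election to show the attack and the two guards above: bridge IDs are (priority, MAC) tuples, the lowest wins, an attacker on an access port advertises priority 0 the way Yersinia does, and the port is either left alone, err-disabled by BPDU guard, or put into root-inconsistent state by root guard. Switch names, MACs, priorities and port names are constructed.

```python
class Switch:
    """Bridge ID = (priority, MAC); STP elects the lowest as root."""

    def __init__(self, name, priority, mac):
        self.name = name
        self.bid = (priority, mac)
        self.root = self.bid            # a bridge believes it is root until it hears better
        self.ports = {}
        self.log = []

    def add_port(self, name, portfast=False, bpduguard=False, rootguard=False):
        self.ports[name] = {"portfast": portfast, "bpduguard": bpduguard,
                            "rootguard": rootguard, "state": "forwarding"}

    def receive_bpdu(self, port, advertised_root):
        """Process a configuration BPDU whose Root ID field is advertised_root."""
        p = self.ports[port]
        if p["state"] == "err-disabled":
            return                      # nothing is processed on a dead port
        if p["bpduguard"]:              # any BPDU on an edge port is hostile
            p["state"] = "err-disabled"
            self.log.append(f"{port}: BPDU guard err-disabled the port")
            return
        if advertised_root < self.root:
            if p["rootguard"]:          # superior BPDU on a port that must never lead to root
                p["state"] = "root-inconsistent"
                self.log.append(f"{port}: root guard blocked superior BPDU {advertised_root}")
                return                  # the port recovers once superior BPDUs stop (not modelled)
            self.root = advertised_root
            self.log.append(f"{port}: new root {advertised_root}")


ROOT = (4096, "00:00:00:00:00:01")      # constructed legitimate root bridge
ATTACKER = (0, "00:0e:00:cc:cc:cc")     # Yersinia-style claim: priority 0 beats everything


def scenario(bpduguard=False, rootguard=False):
    """An access switch hears the real root on its uplink, then an attacker BPDU on a
    user port. Returns (root the switch believes in, state of the user port)."""
    sw = Switch("access-1", 32768, "00:00:00:00:00:02")
    sw.add_port("Gi1/1")                                 # uplink towards the real root
    sw.add_port("Fa3/20", portfast=True, bpduguard=bpduguard, rootguard=rootguard)
    sw.receive_bpdu("Gi1/1", ROOT)
    sw.receive_bpdu("Fa3/20", ATTACKER)
    return sw.root, sw.ports["Fa3/20"]["state"]
```

`scenario()` ends with the attacker as root, which is the topology change the slide describes; `scenario(bpduguard=True)` keeps the real root and err-disables the user port on the first BPDU, and `scenario(rootguard=True)` keeps the real root while holding the port in root-inconsistent state for as long as the superior BPDUs keep arriving.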

    IPv6 attack tools for neighbor SEC-2003